Yesterday, we noted that a new “Yontoo” malware hit the web that could inject advertising into websites (including Apple’s own site).
Today, Apple has blocked that malware by updating its anti-malware definition system.
The change was first reported by Intego:
Apple has decided the Yontoo Adware has fallen too far on the side of undesirable behavior, as they have released an update to the XProtect.plist definitions file to provide Mac OS X with basic detection for the Yontoo adware as OSX.AdPlugin.i. In testing, it appears this detection is very specific and potentially location-dependent. This extra specificity is likely there so as to catch only the surreptitious installations of this file.